You can remove the Db2
DATAACCESS authorization from the Manager role to limit the access that upgraded Manager users have
to database tables.
Before you begin
- Who needs to complete this task?
- To complete this task, you must be a Data Virtualization
Manager.
About this task
Data Virtualization Manager users only can access
and work with data that they own or that they have been explicitly added to. If you upgraded your
Data Virtualization instance to 3.0.3 or higher, then you
can remove the Db2 DATAACCESS
authorization from the Manager role to restrict its access to database tables.
Procedure
- Log in or connect as a user with the Data Virtualization Manager role to run the following
statements.
- Run the following statement to revoke
DATAACCESS
Db2 authority from the Manager role:
REVOKE DATAACCESS ON DATABASE FROM ROLE DV_ADMIN
- Run the following statements to grant administrative privileges to the Manager
role.
GRANT DBADM ON DATABASE TO ROLE DV_ADMIN
GRANT INSERT, UPDATE, DELETE ON DVSYS.INSTANCE_INFO TO ROLE DV_ADMIN